Hi, just how useful is NOD32 at detecting and removing spyware/adware, etc?

I have the new beta installed and have just downloaded and installed Bonzi Buddy to see if NOD32 would react, and it didn't. I then ran Spybot, Adaware and the Microsoft Antispyware Beta and they all found and could remove Bonzi Buddy.

I then recovered the spyware that Spybot - Search & Destroy had found over the months, which includes Alexa Related, eAcceleration and various other spyware/adware. Again Nod32 let the files be moved from the password protected zip files from Spybot to my pc. Running a scan with NOD32 didnt detect anything. I had to use the Spyware programs again to remove everything again.

I have all the NOD32 modules set to max, including the options for Adware/Spyware/Riskware and Potentially dangerous applications.

I understand that NOD32 is above all else an excellent anti-virus program, and so I dont expect it to be able to find and remove all the malware that the dedicated programs can. However, I thought it would detect at least some of the ones i tested it with. I hoped that either IMON would detect Bonzi Buddy when downloading, or AMON would stop Bonzi from being installed or at least NOD32 scanner would find and warn of its presence.

Is NOD32 actually putting iteself forward as a worthy adversary in the fight against spyare/adware/riskware? or should this be left to the dedicated applications. From what I have seen so far, it is giving a false sense of security.

Before signing off, I'd like to say that NOD32 is the only antivirus product I would ever use, trust it 100% to keep my pcs free from viruses and have been a user for over 3 years :-)

NOD32 is not a dedicated antispyware product. If you have any samples not detected by NOD32, you can still send them to samples@eset.com.

it is recommended that you have dedicated spyware/anti-trojan protection in addition to nod32. Since we adopted NOD32, we have not had any of our spyware tools find anything, but common sense dictates that we have a few tools in our belt, not just one.

Eset doesn't provide you a false sense of security - perhaps you could elaborate... where are the claims that this is all you need?

hth

Greg

-{ Quote: "NOD32 is not a dedicated antispyware product. If you have any samples not detected by NOD32, you can still send them to samples@eset.com." }-
thanks for the reply, yes as I said in my post I know NOD32 isn't a dedicated antispyware product, I was just surprised that it didnt detect the spyware/adware examples I had. I'm sure it does detect it's fair share, otherwise the options wouldnt be there. So what would I submit to eset then, the whole bonzibuddy executable for example?

-{ Quote: "Eset doesn't provide you a false sense of security - perhaps you could elaborate" }-
by 'false sense of security' I mean if a novice user had NOD32 and saw the options to stop/remove spyware and adware they may think that is all that is needed, and they were protected from virus/spyware/adware/riskware under one handy NOD32 umbrella.

-{ Quote: "... where are the claims that this is all you need?" }-
I never said NOD32 was all you needed

....sorry, misquoted above, last 2 should show as posted by webyourbusiness not marcos

np Lee1276, I think I worked it out...

the "problem" is perhaps in any product putting itself forward as a solution - there is no one solution - just as a mechanic can't rebuild an engine with one wrench, a computer should not have a single protection tool... unless you happen to believe the BS put out by the like of NIS... et alii...

-{ Quote: "np Lee1276, I think I worked it out...

the "problem" is perhaps in any product putting itself forward as a solution - there is no one solution - just as a mechanic can't rebuild an engine with one wrench, a computer should not have a single protection tool... unless you happen to believe the BS put out by the like of NIS... et alii..." }-

I agree with this post Symantec (AKA) Norton Products have many people fooled!! I Tried Norton AntiVirus 2004 60 Day Trial with my new Box and I removed it after a week:-X it does not even come close to NOD32!! And I believe in the Layered Security Avenue I do not rely on ONE product to do the job!!

Cheers,

dagolag

-{ Quote: "the "problem" is perhaps in any product putting itself forward as a solution - there is no one solution - just as a mechanic can't rebuild an engine with one wrench, a computer should not have a single protection tool... unless you happen to believe the BS put out by the like of NIS... et alii..." }-Then isn't Eset guilty, too? Right on this page (http://www.nod32.com/products/products.htm), they say:
-{ Quote: "Viruses, worms, trojans and other malware are kept out of striking distance of your valuable data." }-Then, on this page (http://www.nod32.com/products/nt.htm), they say that version 2.12.1:
-{ Quote: "added detection of potentially dangerous applications (spyware, adware, dialer,...)" }-And in the new beta, there are specific settings to detect Adware/Spyware/Riskware and Potentially dangerous applications.

And here, we have a customer wondering why NOD32 didn't detect some well-known spyware, and your response is that "common sense" should tell one that NOD32 isn't all they need.

How is that common sense? Where does Eset say, officially, that their product "sort of detects spyware and trojans, but not really"? What is the official stance--that "Yeah, the settings are in there, but they don't provide 'dedicated protection' or anything." ...?

I like Eset, and I like NOD32, but I find it annoying how they and their users want credit when the product detects something, but also use the "we don't really do trojans or spyware" when it misses something.

NOD32 detect most spywares but if you scan with SpySweeper etc.. it will find toolbars and stuff that are not danger for system.

As I saw NOD32 detect just danger spywares or adware which point user to danger websites or do system modifications.

NOD just started to detect spywares few months ago and there is not that many spywares around comparing to viruses and I know eset doing right thing!

Also if they employ several peeps like my brother who always catch some new spywares on net they could get more samples eheh:)

Getting samples is not the big problem, the point is here that you have to make strict priorities as AV vendor.

Detecting Spyware is a --- i call it so --- nice to have feature, but first you have to take care of your homework, worms for instance.

I have excactly THIS spyware in my 'todo' scheduler for almost 2 weeks - believe it or not, i didn't have the time yet because there was always something else with a higher priority.

Numerous of MyTob worms last week, then last friday i thought 'hurra, time for the Bonzi....' New Sober Worm! Bummer....

And this happens to a lot of other AV-related people. Not only me. So please understand the priorities. This Spyware will be included for detection VERY SOON.

Cheers ;D

ive posted this in another thread, but it seems more relivant here..

can u include smiley central please i have numerous friends/family that ALWAYS get this.. & they use nod32.. so it'd help alot :P

thanks for the reply and insight Happy Bytes! :)

-{ Quote: "Getting samples is not the big problem, the point is here that you have to make strict priorities as AV vendor.

Detecting Spyware is a --- i call it so --- nice to have feature, but first you have to take care of your homework, worms for instance.

I have excactly THIS spyware in my 'todo' scheduler for almost 2 weeks - believe it or not, i didn't have the time yet because there was always something else with a higher priority.

Numerous of MyTob worms last week, then last friday i thought 'hurra, time for the Bonzi....' New Sober Worm! Bummer...." }-Is Eset simply understaffed? Sounds like it may be.

Never mind... Don't answer. :)

-{ Quote: "Then isn't Eset guilty, too? Right on this page (http://www.nod32.com/products/products.htm), they say:
Then, on this page (http://www.nod32.com/products/nt.htm), they say that version 2.12.1:
And in the new beta, there are specific settings to detect Adware/Spyware/Riskware and Potentially dangerous applications.

And here, we have a customer wondering why NOD32 didn't detect some well-known spyware, and your response is that "common sense" should tell one that NOD32 isn't all they need.

How is that common sense? Where does Eset say, officially, that their product "sort of detects spyware and trojans, but not really"? What is the official stance--that "Yeah, the settings are in there, but they don't provide 'dedicated protection' or anything." ...?

I like Eset, and I like NOD32, but I find it annoying how they and their users want credit when the product detects something, but also use the "we don't really do trojans or spyware" when it misses something." }-

Take it up with Eset - I "sort of" agree - but myself - as a reseller - I tell clients - you need:

1. hardware/software firewall...
2. solid AV with spyware protection
3. at least 1, preferable 2 or 3 additional tools... most of which we'll happily provide links to download trials or freeware versions of

Marketing is marketing - you can't expect Eset to tell people that ADDITIONAL tools are required - it would be commercial suicide... especially when people read the BS from Norton etc.

-{ Quote: "Is Eset simply understaffed? Sounds like it may be.

Never mind... Don't answer. :)" }-

Well adding spyware is another huge job. exspecially i think there will proberly more spyware than Virus someday looking at the growth of it. That is why spysweeper need a bot to collect these things.

But i do think the same. Can NOD32 really do spyware? Giving they are a relatively small company compare to Symantect and Mcafee. Where they can have more staff on the subject.

We will see when symantec release Symantec AV Cooperate Edition 10 where spyware is a major feature they add. Then we can compare.

-{ Quote: "Take it up with Eset" }-I was just responding to your own comments...-{ Quote: "Marketing is marketing - you can't expect Eset to tell people that ADDITIONAL tools are required - it would be commercial suicide... especially when people read the BS from Norton etc." }-I completely understand that aspect of it, but to further put it in perspective, let's say that I include on my résumé the claim that I know Java and Python programming. The truth is that I've looked at them, and know something about each, but I'm not an expert in them.

It would be career suicide for me to say in interviews "I don't really know Java or Python--you'll need to hire an additional person for that."

But if they hired me based on what I said on my résumé, don't they have a right to be really ticked off when they find out the truth?

nameless,

Feel free to open a new thread on your issue. Marcos did address the initial posters question - thus let's stay on topic as far as the issue in regard to this thread is concerned.

regards,

paul

As if I'm not supposed to know that someone whined to you to come spank me... No thanks on the new thread; it's like asking mods to lock topics.

-{ Quote: "As if I'm not supposed to know that someone whined to you to come spank me..." }-

No one whined - no intention to spank. Just keeping this thread on topic.

-{ Quote: "No thanks on the new thread; it's like asking mods to lock topics." }-

That remark is totally uncalled for. In case you do feel the need to discuss a topic (and obviously you do): be our guest, taking out TOS into account. If not: that's your decision and yours only.

regards,

paul

-{ Quote: "No one whined - no intention to spank." }-Pity ;D

Back to the topic.... seems to me that this "stupid" monkey is already knowing what's going on ;D ;D ;D

That was the first greeting what i got from him ;D
I can imagine he knows what i'm going to do with him 8)

;D ;D ;D @ Happy Bytes

bye bye bonzi! 8)

For this monkey we would need beside Adware & Spyware another category:
AnnoyWare he's stealing my last nervs on this monday morning :o
It's not really a 'dangerous' Spyware...

yep, its certainly annoying!
Consumer Web Watch call it a "Bad Santa"...

http://www.consumerwebwatch.org/view-article.cfm?id=10188&at=501

-{ Quote: "yep, its certainly annoying!
Consumer Web Watch call it a "Bad Santa"...

http://www.consumerwebwatch.org/view-article.cfm?id=10188&at=501" }-

how do they rate incredimail?

-{ Quote: "how do they rate incredimail?" }-

apparently they dont, at least not at the moment. Not sure if other adware/malware apps detect it as such

-{ Quote: "apparently they dont, at least not at the moment. Not sure if other adware/malware apps detect it as such" }-


just wondered - we have clients (web hosting) with mail issues due to the way it proxies up the mailserver connection - we simply won't support it as a mail client - it also has a large number of privacy concrns, but that doesn't stop many users downloadnig and installing it... much like bonzi... clients with those kinds of problems cost us the most to support - ergo, a long list of software applications that we simply won't support!

The trouble with identifying those kinds of ad/malware - is that they really aren't destructive - but I would like them considered pestware, or privacy abusers by as many tools as possible!

doing a quick search in google for incredimail does bring up suggestions that it should be classed as malware, though it doesnt seem to be unanimous.

this sort of goes back to my original post - if nod32 is going to be classed as a useful program in the fight against malware shouldnt it be finding and removing the most common/most dangerous threats? Happy Bytes explained about the priorities and I agree there, I definately would not want to see the qualities of nod32 as an antivirus tool compromised for the sake of malware detection as i use other programs for that - albeit 3 other programs as each one misses threats that the others find...and these are dedicated malware programs.

There could always be a seperate component for NOD32 or even a seperate program that runs in companionship with NOD32 to remove spyware/malware/annoyware real-time and on-demand - now that I would be open to pay for!

-{ Quote: "... I definately would not want to see the qualities of nod32 as an antivirus tool compromised for the sake of malware detection as i use other programs for that - albeit 3 other programs as each one misses threats that the others find...and these are dedicated malware programs." }-
That pretty much sums up the point of this thread for me